<?php
	//lets make sure browsers won't cache this page!!
	// Date in the past
	header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
	// always modified
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
	// HTTP/1.1
	header("Cache-Control: no-store, no-cache, must-revalidate");
	header("Cache-Control: post-check=0, pre-check=0", false);
	// HTTP/1.0
	header("Pragma: no-cache");  
	
	//site is closed down
	//systemShutdown();

	require_once("setup.inc.php");

	$goHome = false;
	
	//determine what the user actually wants to do!
	if(isset($_REQUEST['do'])) {
	switch ($_REQUEST['do']) {
	  case 'login':
		//new login stuff
		$u = $_POST['u'];
		$p = $_POST['p'];
		// 1. Check if username is valid
		if(!check_valid_user($u)) {
			$login_error = 'Invalid Username!';
			break;
		}
		// 2. Check if they can login
		if(!check_allow_login($u)) {
			$login_error = 'You are not allowed to login!';
			break;
		}
		// 3. Check for local or remote auth
		if(local_auth_user($u,$p) or remote_auth_user($u,$p)) {
			//we're good.. log them in!
			$user_sql = sprintf("SELECT * FROM `t_drivers` WHERE `netid` = %s",quote_smart($u));
			$driver_data = mysql_query($user_sql);
			printMYSQLDebug($user_sql,$driver_data);
			$driver_row = mysql_fetch_assoc($driver_data);
			foreach ($driver_row as $key => $value) {
			  $_SESSION[$key] = $value;
			}
			//check if we should make them the d/d
			if(DISPATCHERS_ARE_SPECIAL && ($_SERVER['REMOTE_ADDR'] == DISPATCH_IP) && checkQualified("0400")) {//if dispatchers are special, they are in the d/d office, and they are a dispatcher, set the d/d var
				$_SESSION['is_dispatcher'] = 1;
			}

			$goHome = true;
		} else {
			//invalid password
			$login_error = "Invalid password!";
			break;
		}
		break;
	  case 'logout':
	    //user is all set, lets erase session variables to log them out
		session_unset();
		break;
	}
}
if (isset($_REQUEST['task'])) include(TASK_FILE);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="icon" type="image/png" href="/favicon.png" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>University of Connecticut</title>
<script type="text/javascript" src="transpo.js"> </script>
<script language="JavaScript" type="text/JavaScript">
<!--
function UC_Search(object){ // bdaley
	// Determine Radio Value
	for (i=0, n=object.sitesearch.length; i<n; i++) {
	    if (object.sitesearch[i].checked) {
		   RV = object.sitesearch[i].value;
		   break;
	    }
	}
	
	// Quick Validation 
	if((object.q.value == '') || (object.q.value == 'Type Search Here')){
		alert('You must enter your search criteria.');
		object.q.focus();
		return false;
	}
	
	// Set Variables for People Search (Phonebook)
	if(RV == 'People'){
		object.method = "POST";
		object.action = "http://phonebk.uconn.edu/results.php";
		object.q.name = "basictext";
	}
}

function showMenuList() {
	var newValue = "<div style='text-align:center;'><form name=\"changeMenu\">\n<select name=\"menu1\" class='searchbox' onChange=\"MM_jumpMenu('parent',this,0)\">\n";
		newValue = newValue + "<option value=\"?task=changemenu&menu=\" disabled selected style='text-align:center;'>- Select Menu -</option>\n";
		newValue = newValue + "<option value=\"?task=changemenu&menu=\">Regular Menu</option>\n";
		<?php if(checkQualified("0400")) { ?>newValue = newValue + "<option value=\"?task=changemenu&menu=dispatcher\">Dispatcher</option>\n";<?php } ?>
		<?php if(checkQualified("1000")) { ?>newValue = newValue + "<option value=\"?task=changemenu&menu=amops\">Coordinator Menu</option>\n";<?php } ?>
		newValue = newValue + "</select>\n</form></div>";
	document.getElementById("sidebarChange").innerHTML = newValue;
}


function MM_jumpMenu(targ,selObj,restore){ //v3.0
  eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
  if (restore) selObj.selectedIndex=0;
}
//-->
</script>
<link href="http://transpo.uconn.edu/css/transpo.css" rel="stylesheet" type="text/css">
<link href="http://transpo.uconn.edu/css/global.css" rel="stylesheet" type="text/css">
<link href="http://transpo.uconn.edu/css/borders.css" rel="stylesheet" type="text/css">
<link href="http://transpo.uconn.edu/css/rollovers.css" rel="stylesheet" type="text/css"></head>

<body>
<?php
	if(DEBUG) {
		?>
		<div style="border: 1px solid red; background-color:#FFCCCC; margin: 2px; padding: 5px; text-align:center; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight:bold; ">The system is in Debug mode. This is a security risk!</div>
		<?php
	}
	if($_SESSION['is_dispatcher']) {
		?>
	<div id="coordinatorToolbar" style="background-color:#FFFFCC; border-bottom: 2px solid black; margin:0px; padding: 5px; text-align:center; font-family:Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight:bold; ">You are logged in as the Dispatcher on Duty <span style="display:block;font-weight:normal;">(<a href="#" onClick="setIdProperty('dd_container','display','block');">What's that mean?</a>)</span></div>
<div id="dd_container" style="display:none; position:absolute; left:0px; top: 100px; text-align:center; width:100%; ">
	<div id="dd" style="margin:auto; width:300px; border:1px solid black; padding:5px; background-color:#FFFFCC; font-size:12px;">
	<span style="font-size: 16px; font-weight:bold; display:block; text-align:center;">Dispatcher on Duty</span>
	<p>Being logged in as the Dispatcher on Duty gives you the following privileges:</p>
	<ul>
	  <li>You are allowed to sign people up for shifts on &quot;Pending&quot; schedules</li>
	</ul>
	<p>More privileges will come as the system grows. </p>
	<p style=" "><a href="#" onClick="setIdProperty('dd_container','display','none');">Click Here to Close</a></p>
	</div>
</div>
	
<?php } ?>
<?= $javascript ?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
        <tr>
          <td height="80" colspan="7" align="left" valign="top" bgcolor="#000066" class="border_bottom" style="white-space:nowrap;"><a href="http://www.uconn.edu/"><img src="http://transpo.uconn.edu/images/blue_top.gif" alt="UConn Home" width="250" height="78" border="0"></a><a href="http://transpo.uconn.edu/index.php"><img src="http://transpo.uconn.edu/images/banner.jpg" alt="Banner" width="600" height="78" border="0"></a></td>
        </tr>
  <tr>
  	<td><table width="100%" border="0" cellpadding="0" cellspacing="0">
        <!--DWLayoutTable-->
          <tr align="center" valign="middle" bgcolor="#CCCCCC">
          <td width="12%" valign="middle" class="border_bottom"><a href="?home=home" class="global_nav-01">HOME</a></td>
          <td width="12%" valign="middle" class="border_bottom"><a href="?module=board" class="global_nav-01">CURRENT BOARD</a></td>
          <td width="12%" valign="middle" class="border_bottom"><a href="?workswap=view" class="global_nav-01">WORK SWAP</a></td>
          <td width="12%" valign="middle" class="border_bottom"><a href="?sched=pick_group" class="global_nav-01">SIGN-UPS</a></td>
          <td width="12%" valign="middle" class="border_bottom"><a href="?module=tools" class="global_nav-01">TOOLS</a></td>
          <td width="24%" valign="middle" class="border_bottom"><?php if(isset($_SESSION['netid'])) { echo '<a href="?do=logout" class="global_nav-01">LOGOUT</a>'; } else { echo '<form action="index.php?do=login" method="post"><span style="margin-right:3px; font-weight:bold; font-size:11px;">U: <input type="text" name="u" style="width:7em; font-size:10px; font-family: Verdana,Tahoma;" /></span><span style="margin-right:3px; font-weight:bold; font-size:11px;">P: <input type="password" name="p" style="width:7em; font-size:10px; font-family: Verdana,Tahoma;" /></span><span style=""><input type="submit" value="LOGIN" style="width:5em; font-size:10px; font-family: Verdana,Tahoma;" /></span></form>'; } ?></td>
          <td align="right" valign="middle" class="border_bottom"><span style="font-family:Arial, Helvetica, sans-serif; font-size: 10px; color:#000066; display: block; font-weight: bold; letter-spacing: 1px;"><?php if(isset($_SESSION['netid'])) { echo strtoupper('Logged in as ' . $_SESSION['firstname']); } else { echo strtoupper(date("F jS, Y")); } ?></span></td>
        </tr>
    </table></td>
  </tr>
  <tr>
    <td valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
        <!--DWLayoutTable-->
        <tr>
<?php include(MENU_FILE);  ?>

          <td align="left" valign="top" bgcolor="#eeeeee">
		  <!-- end index - start include file -->
            <?php
			 if(isset($_SESSION['driver_id'])) {
			   //they are logged in, let everything load
			   if (isset($_REQUEST['module'])) {
			   	include(MODULE_FILE);
			   } else if (isset($_REQUEST['op'])) { 
			   	include(AMOPS_FILE); 
			   } else if (isset($_REQUEST['report'])) { 
			   	include(REPORT_FILE); 
			   } else if (isset($_REQUEST['man'])) { 
			   	include(MANAGER_FILE); 
			   } else if (isset($_REQUEST['sched'])) { 
			   	include(SCHED_FILE); 
			   } else if (isset($_REQUEST['workswap'])) {
			    include(WORKSWAP_FILE);
			   } else if (isset($_REQUEST['seniority'])) {
			   	include(SENIORITY_FILE);
			   } else if (isset($_REQUEST['sched_maker'])) {
				include(SCHED_MAKER_FILE);
			   } else if (isset($_REQUEST['memo']) or isset($_REQUEST['msg'])) {
				include(INBOX_FILE);
			   } else if (($_REQUEST['home'] == 'home') || $goHome) { 
			   	include(HOME_FILE); 
			   } else {
			    print "&nbsp;";
			   }
			 } else {
			   //they have not logged in yet. tell them to login
			   if(isset($login_error))
			   	alertText($login_error);
			   include(LOGIN_FILE);
			 }
			?>
		  <!-- restart index - end include file -->
          </td>
        </tr>
    </table>
	</td>
  </tr>
  <tr>
    <td height="62" valign="top"><table width="100%" style="height: 62px;" border="0" cellpadding="0" cellspacing="0">
        <!--DWLayoutTable-->
        <tr>
          <td width="30%" valign="top" class="border_top" style="padding-left:15px; padding-top:8px;">		    <form action="http://www.google.com/u/UConnWeb" method="get" enctype="application/x-www-form-urlencoded" name="google" class="a10" onSubmit="return UC_Search(this);">
			    <input name="sitesearch" type="radio" id="googleuconn" value="uconn.edu" style="margin-left:0px;" checked>
			    <label for="googleuconn"><span class="footer_white10px"> UConn&nbsp;&nbsp;&nbsp;</span></label>&nbsp;&nbsp;&nbsp;
			    <input name="sitesearch" type="radio" value="" id="googleweb">
			    <label for="googleweb"><span class="footer_white10px"> The Web&nbsp;&nbsp;&nbsp;&nbsp;</span></label>&nbsp;&nbsp;
			    <input name="sitesearch" type="radio" id="People" value="People">
			    <label for="People"><span class="footer_white10px">People</span></label>
			    <div style="padding-top: 7px;">
				<label for="SearchName"></label>  <input type="text" id="SearchName" name="q" class="searchbox" style="margin:0px 0px 0px 0px; padding:0px 0px 0px 0px;" value=" Type Search Here"  onFocus="this.value=''" size="30">
					<input name="sa" type="image" style="vertical-align: top;" onMouseOver="this.src='images/search_rollover.gif'" onMouseOut="this.src='images/search_.gif'" src="images/search_.gif" alt="Find">
			    </div>
			    <input type="hidden" name="domains" value="uconn.edu">
                    </form></td>
          <td width="43%" align="left" valign="middle" class="border_top"><strong class="footer_grey10px"><?php if(checkQualified("4000")) {?><a href="?module=manip_vars" class="footer_link_grey">Manipulate Variables</a> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="?module=test_design" class="footer_link_grey">Test Design</a><?php } else { ?><strong class="footer_grey10px">TranspoWeb v. <?= printVersion() ?></strong><?php } ?><strong class="footer_grey10px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</strong><a href="http://www.uconn.edu/" class="footer_link_grey">UConn Home</a></strong></td>
          <td width="27%" align="left" valign="middle" class="border_top"><p><span class="footer_grey10px">Department 
              of Transportation Services<br>
              3 North Hillside Drive<br>
              Storrs, CT 06269</span><span class="footer_grey10px"><br>
              (860) 486-1448</span></p>
          </td>
        </tr>
        </table></td>
  </tr>
</table>
<?php if(DEBUG && checkQualified("4000")) include(DEBUG_FILE); ?>
<div id="bugReport" style="display:none; position:absolute; left:0px; top: 100px; text-align:center; width: 100%;">
	<div id="dd" style="margin:auto; width:430px; border:1px solid black; padding:0px; background-color:#FFFFFF; font-size:12px; text-align:left;">
	<form action="/includes/bugReport.php" method="post">
	<span style="font-size: 20px; font-weight:bold; display:block; text-align:center; background-color:#002800; color:#FFFFFF">Report a Bug!!</span>
	<span style="display:block; padding: 5px; width:390px; margin:auto; text-align:justify;">We want Transpo to have the BEST scheduling system available, so if you find a bug, PLEASE TELL US!!</span>
	<span style="text-align:center; display:block; "><textarea name="bugreport" id="bugReportDesc" style="width:390px; height: 200px; "></textarea></span>
	<span style="text-align:center; display:block; margin:10px;"><input type="button" value="Submit Bug" onClick="sendBugReport('<?= $_SESSION['driver_id'] ?>',document.getElementById('bugReportDesc').value,'<?= session_id() ?>'); return false;"> <input type="button" onClick="setIdProperty('bugReport','display','none');" value="Cancel"></span>
	</form>
	</div>
</div>
</body>
</html>
<?php
	function systemShutdown() {
		//check if this is matt77.225.17.100
		if ( ($_SERVER['REMOTE_ADDR'] == '77.225.17.100') or ($_SERVER['REMOTE_ADDR'] == '137.99.72.113') or ($_SERVER['REMOTE_ADDR'] == '66.212.209.177') )
				return;
		//check if this is matt overriding
		if ( $_REQUEST['override'] == 1 )
				return;
		//ok.. close it down..
				require("closed.php");
				exit;
	}
?>
